NetBSD/src KWxVA08usr.bin/telnet telnet.c commands.c

   Only send exported variables (from OpenBSD):
   https://www.openwall.com/lists/oss-security/2026/03/13/1
VersionDeltaFile
1.45+7-7usr.bin/telnet/telnet.c
1.81+4-4usr.bin/telnet/commands.c
1.15+3-3usr.bin/telnet/authenc.c
1.45+2-2usr.bin/telnet/externs.h
+16-164 files

NetBSD/pkgsrc-wip 21bd51einput-headers distinfo, libopeninput distinfo Makefile.common

libopeninput: update to latest version
DeltaFile
+0-26libopeninput/patches/patch-meson.build
+0-15libopeninput/patches/patch-src_util-prop-parsers.c
+4-5libopeninput/distinfo
+0-5input-headers/distinfo
+4-1libopeninput/Makefile.common
+8-525 files

NetBSD/pkgsrc AVzeKopdoc CHANGES-2026

   doc: Updated net/mikutter to 5.1.1nb7
VersionDeltaFile
1.1731+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc 8TAVsbfnet/mikutter distinfo Makefile, net/mikutter/patches patch-core_mui_cairo__sub__parts__message__base.rb patch-core_mui_cairo__markup__generator.rb

   mikutter: apply upstream patch for pango rendering

   Bump PKGREVISION.
VersionDeltaFile
1.1+39-0net/mikutter/patches/patch-core_mui_cairo__sub__parts__message__base.rb
1.3+21-8net/mikutter/patches/patch-core_mui_cairo__markup__generator.rb
1.1+16-0net/mikutter/patches/patch-plugin_gtk3_widget_miraclepainter.rb
1.193+4-1net/mikutter/distinfo
1.234+2-2net/mikutter/Makefile
+82-115 files

NetBSD/pkgsrc 6iwbhtGdoc CHANGES-2026

   doc: Updated net/ruby-public_suffix to 7.0.5
VersionDeltaFile
1.1730+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc MYTmhojnet/ruby-public_suffix distinfo Makefile

   ruby-public_suffix: update to 7.0.5

   Upstream changes (from CHANGELOG.md):

   7.0.5 - 2026-03-03

    Fixed

     - Fix release crash caused by unconditional rubocop/yard requires
       in Rakefile.

   7.0.4 - 2026-03-03

    Fixed

     - Fix release workflow.

   7.0.3 - 2026-03-03


    [3 lines not shown]
VersionDeltaFile
1.23+4-4net/ruby-public_suffix/distinfo
1.21+2-2net/ruby-public_suffix/Makefile
1.10+2-1net/ruby-public_suffix/PLIST
+8-73 files

NetBSD/pkgsrc-wip 6ad083bchromium distinfo COMMIT_MSG, chromium/patches patch-chrome_browser_about__flags.cc patch-ui_ozone_platform_wayland_host_wayland__exchange__data__provider.cc

chromium: update to 146.0.7680.75
DeltaFile
+1,552-1,536chromium/distinfo
+112-89chromium/patches/patch-chrome_browser_about__flags.cc
+77-23chromium/COMMIT_MSG
+62-0chromium/patches/patch-ui_ozone_platform_wayland_host_wayland__exchange__data__provider.cc
+56-0chromium/patches/patch-third__party_libaom_source_libaom_aom__ports_aarch64__cpudetect.c
+36-18chromium/patches/patch-remoting_host_remoting__me2me__host.cc
+1,895-1,6661,557 files not shown
+5,505-4,8481,563 files

NetBSD/pkgsrc HrHyRwjdoc CHANGES-2026

   doc: Updated net/ruby-addressable to 2.8.9
VersionDeltaFile
1.1729+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc dXqOLlanet/ruby-addressable PLIST distinfo

   ruby-addressable: update to 2.8.9

   Upstream changes:
    https://github.com/sporkmonger/addressable/blob/addressable-2.8.9/CHANGELOG.md

   Addressable 2.8.9

     * Reduce gem size by excluding test files (#569)
     * No need for bundler as development dependency (#571, 5fc1d93)
     * idna/pure: stop building the useless COMPOSITION_TABLE (removes the
       Addressable::IDNA::COMPOSITION_TABLE constant) (#564)
VersionDeltaFile
1.15+1-17net/ruby-addressable/PLIST
1.30+4-4net/ruby-addressable/distinfo
1.29+2-2net/ruby-addressable/Makefile
+7-233 files

NetBSD/pkgsrc IAOot9edoc CHANGES-2026

   doc: Updated sysutils/intel-microcode-netbsd to 20260227
VersionDeltaFile
1.1728+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc QiCzj5wsysutils/intel-microcode-netbsd distinfo Makefile

   Update sysutils/intel-microcode-netbsd to 20260227

   ### Purpose
   - Update for functional issues. Refer to Intel Xeon 6700P-B/6500P-B-Series SoC
     with P-Cores] for details.


   ### Updated Platforms

   | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
   |:---------------|:---------|:------------|:---------|:---------|:---------
   | GNR-D          | B0/B1    | 06-ae-01/97 | 010002f3 | 01000303 | Xeon 6700P-B/6500P-B Series SoC with P-Cores
VersionDeltaFile
1.62+4-4sysutils/intel-microcode-netbsd/distinfo
1.71+3-3sysutils/intel-microcode-netbsd/Makefile
+7-72 files

NetBSD/pkgsrc palnsbJdoc CHANGES-2026

   doc: Updated sysutils/intel-microcode-netbsd to 20260210-rev1.
VersionDeltaFile
1.1727+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc AbMs8ODsysutils/intel-microcode-netbsd distinfo PLIST

   Update sysutils/intel-microcode-netbsd to 20260210-rev1

   ### Purpose
   - Updated security updates for INTEL-SA-01083 originally published on
     Aug 13, 2024
   - Security updates for INTEL-SA-01396
   - Update for functional issues. Refer to 10th Gen Intel Core Processor Families
     Specification Update for details.
   - Update for functional issues. Refer to 11th Gen Intel Core Processor
     Specification Update for details.
   - Update for functional issues. Refer to 12th Generation Intel Core Processor
     Family for details.
   - Update for functional issues. Refer to 13th Generation Intel Core Processor
     Specification Update for details.
   - Update for functional issues. Refer to 13th/14th Gen Intel Core Processor
     Specification Update for details.
   - Update for functional issues. Refer to 3rd Generation Intel Xeon Processor
     Scalable Family Specification Update for details.
   - Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors

    [59 lines not shown]
VersionDeltaFile
1.61+4-4sysutils/intel-microcode-netbsd/distinfo
1.33+2-5sysutils/intel-microcode-netbsd/PLIST
1.70+3-3sysutils/intel-microcode-netbsd/Makefile
+9-123 files

NetBSD/pkgsrc j2DVonedoc CHANGES-2026

   Updated devel/py-nose2
VersionDeltaFile
1.1726+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc YY5WpL0devel/py-nose2 distinfo Makefile

   py-nose2: updated to 0.16.0

   0.16.0 (2026-03-01)

   Added

   * Added official support for Python 3.14.

   Changed

   * ``nose2`` now explicitly uses a multiprocessing context for the ``mp`` plugin,
     which ensures that it is isolated from any multiprocessing settings used by
     applications under test. This ensures that the ``fork`` start method is always
     used on POSIX systems. ``spawn`` is used on Windows. Thanks
     :user:`JimmyDurandWesolowski` and :user:`airtower-luna`!

   Deprecated

   * The ``coverage`` plugin is now deprecated, and is no longer tested on newer

    [5 lines not shown]
VersionDeltaFile
1.14+4-4devel/py-nose2/distinfo
1.19+2-3devel/py-nose2/Makefile
+6-72 files

NetBSD/pkgsrc EDKz8FIdoc CHANGES-2026

   Updated math/py-simpleeval, textproc/py-phonenumbers
VersionDeltaFile
1.1725+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc z8f3xR8textproc/py-phonenumbers distinfo Makefile

   py-phonenumbers: updated to 9.0.26

   9.0.26
   Unknown changes
VersionDeltaFile
1.43+4-4textproc/py-phonenumbers/distinfo
1.46+2-2textproc/py-phonenumbers/Makefile
+6-62 files

NetBSD/pkgsrc DmxQqspmath/py-simpleeval distinfo Makefile

   py-simpleeval: updated to 1.0.5

   1.0.5

   Fixes Security issues with "dangerous" modules & functions leaking through as attributes of other names, see:

   GHSA-44vg-5wv2-h2hg
VersionDeltaFile
1.15+4-4math/py-simpleeval/distinfo
1.18+2-2math/py-simpleeval/Makefile
+6-62 files

NetBSD/pkgsrc-wip 536693bwebkit-gtk Makefile

webkit-gtk: try to build on Darwin
DeltaFile
+6-1webkit-gtk/Makefile
+6-11 files

NetBSD/pkgsrc CaWsfO4doc TODO

   doc/TODO: webkit-gtk updated in wip.
VersionDeltaFile
1.26930+2-3doc/TODO
+2-31 files

NetBSD/pkgsrc-wip bf18127webkit-gtk PLIST distinfo

webkit-gtk: update to 2.50.6.

Seems more stable, still crashes though.
DeltaFile
+4-4webkit-gtk/PLIST
+3-3webkit-gtk/distinfo
+1-1webkit-gtk/Makefile
+8-83 files

NetBSD/pkgsrc 2BQd1pudoc CHANGES-2026

   Updated security/py-cyclonedx-bom, www/py-scrapy
VersionDeltaFile
1.1724+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc ewbTkGtwww/py-scrapy distinfo Makefile

   py-scrapy: updated to 2.14.2

   Scrapy 2.14.2 (2026-03-12)

   Security bug fixes

   -   Values from the ``Referrer-Policy`` header of HTTP responses are no longer
       executed as Python callables. See the `cwxj-rr6w-m6w7`_ security advisory
       for details.

       .. _cwxj-rr6w-m6w7: https://github.com/scrapy/scrapy/security/advisories/GHSA-cwxj-rr6w-m6w7

   -   In line with the `standard
       <https://fetch.spec.whatwg.org/#http-redirect-fetch>`__, 301 redirects of
       ``POST`` requests are converted into ``GET`` requests.

       Converting to a ``GET`` request implies not only a method change, but also
       omitting the body and ``Content-*`` headers in the redirect request. On
       cross-origin redirects (for example, cross-domain redirects), this is

    [48 lines not shown]
VersionDeltaFile
1.26+4-4www/py-scrapy/distinfo
1.36+2-2www/py-scrapy/Makefile
+6-62 files

NetBSD/pkgsrc JwxW5i9security/py-cyclonedx-bom Makefile distinfo

   py-cyclonedx-bom: updated to 7.2.2

   7.2.2
   Documentation
   - Modernize RTF setup
VersionDeltaFile
1.12+4-4security/py-cyclonedx-bom/Makefile
1.8+4-4security/py-cyclonedx-bom/distinfo
+8-82 files

NetBSD/pkgsrc mgUelvflang/nodejs20 Makefile

   nodejs20: remove commented-out section
VersionDeltaFile
1.33+1-4lang/nodejs20/Makefile
+1-41 files

NetBSD/pkgsrc yGgW3tEdoc CHANGES-2026

   doc: Updated comms/libhidapi to 0.15.0
VersionDeltaFile
1.1723+2-1doc/CHANGES-2026
+2-11 files

NetBSD/pkgsrc zthTDBjcomms/libhidapi distinfo Makefile, comms/libhidapi/patches patch-netbsd_hid.c patch-netbsd_CMakeLists.txt

   libhidapi: update to 0.15.0

   pkgsrc changes:

    - add PLIST_VARS for libhidapi-netbsd (NetBSD HID native backend)
    - pull iconv(3) const check from libusb version
    - check both addr 0 and 1 on enumerating devices (see NetBSD PR/60073)

   Upstream changes:
    https://github.com/libusb/hidapi/releases/tag/hidapi-0.15.0

   general: Add hid_send_output_report() (#677)
   general: Add hid_read_error() (#721)

   winapi: add hid_winapi_set_write_timeout (#700)
   winapi: improvements for hid_get_report_descriptor/hid_winapi_descriptor_reconstruct_pp_data (#707)

   hidraw: report only Top-Level Usage_page/Usage pairs as 'unique' devices (#601)


    [8 lines not shown]
VersionDeltaFile
1.1+59-0comms/libhidapi/patches/patch-netbsd_hid.c
1.1+22-0comms/libhidapi/patches/patch-netbsd_CMakeLists.txt
1.10+6-4comms/libhidapi/distinfo
1.13+5-3comms/libhidapi/Makefile
1.9+5-1comms/libhidapi/PLIST
+97-85 files

NetBSD/pkgsrc QubH1PYdoc CHANGES-2026

   Updated lang/nodejs20, devel/capnproto
VersionDeltaFile
1.1722+3-1doc/CHANGES-2026
+3-11 files

NetBSD/pkgsrc dcajxO2devel/capnproto distinfo Makefile

   capnproto: updated to 1.4.0

   1.4.0
   Unknown changes
VersionDeltaFile
1.8+4-4devel/capnproto/distinfo
1.12+2-2devel/capnproto/Makefile
+6-62 files

NetBSD/pkgsrc P9zvOpwlang/nodejs20 distinfo Makefile

   nodejs20: updated to 20.20.1

   20.20.1 'Iron' (LTS)
   Notable Changes

   - build: test on Python 3.14 (Christian Clauss)
   - crypto: update root certificates to NSS 3.119 (Node.js GitHub Bot)
   - crypto: update root certificates to NSS 3.117
VersionDeltaFile
1.26+4-4lang/nodejs20/distinfo
1.32+3-3lang/nodejs20/Makefile
+7-72 files